Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

CompTIA PenTest+ Certification Exam

Last Update 15 hours ago Total Questions : 464

The CompTIA PenTest+ Certification Exam content is now fully updated, with all current exam questions added 15 hours ago. Deciding to include PT0-002 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our PT0-002 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these PT0-002 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CompTIA PenTest+ Certification Exam practice test comfortably within the allotted time.

Question # 71

Which of the following tools can a penetration tester use to brute force a user password over SSH using multiple threads?

A.

CeWL

B.

John the Ripper

C.

Hashcat

D.

Hydra

Question # 72

A penetration tester is conducting an unknown environment test and gathering additional information that can be used for later stages of an assessment. Which of the following would most likely produce useful information for additional testing?

A.

Searching for code repositories associated with a developer who previously worked for the target company code repositories associated with the

B.

Searching for code repositories target company ' s organization

C.

Searching for code repositories associated with the target company ' s organization

D.

Searching for code repositories associated with a developer who previously worked for the target company

Question # 73

A penetration tester was contracted to test a proprietary application for buffer overflow vulnerabilities. Which of the following tools would be BEST suited for this task?

A.

GDB

B.

Burp Suite

C.

SearchSpliot

D.

Netcat

Question # 74

Which of the following OSSTM testing methodologies should be used to test under the worst conditions?

A.

Tandem

B.

Reversal

C.

Semi-authorized

D.

Known environment

Question # 75

A company uses a cloud provider with shared network bandwidth to host a web application on dedicated servers. The company ' s contact with the cloud provider prevents any activities that would interfere with the cloud provider ' s other customers. When engaging with a penetration-testing company to test the application, which of the following should the company avoid?

A.

Crawling the web application ' s URLs looking for vulnerabilities

B.

Fingerprinting all the IP addresses of the application ' s servers

C.

Brute forcing the application ' s passwords

D.

Sending many web requests per second to test DDoS protection

Question # 76

A penetration tester who is working remotely is conducting a penetration test using a wireless connection. Which of the following is the BEST way to provide confidentiality for the client while using this connection?

A.

Configure wireless access to use a AAA server.

B.

Use random MAC addresses on the penetration testing distribution.

C.

Install a host-based firewall on the penetration testing distribution.

D.

Connect to the penetration testing company ' s VPS using a VPN.

Question # 77

A company requires that all hypervisors have the latest available patches installed. Which of the following would BEST explain the reason why this policy is in place?

A.

To provide protection against host OS vulnerabilities

B.

To reduce the probability of a VM escape attack

C.

To fix any misconfigurations of the hypervisor

D.

To enable all features of the hypervisor

Question # 78

Which of the following tools would be BEST suited to perform a manual web application security assessment? (Choose two.)

A.

OWASP ZAP

B.

Nmap

C.

Nessus

D.

BeEF

E.

Hydra

F.

Burp Suite

Question # 79

After compromising a remote host, a penetration tester is able to obtain a web shell. A firewall is blocking outbound traffic. Which of the following commands would allow the penetration tester to obtain an interactive shell on the remote host?

A.

bash -i > & /dev/tcp 8443 0 > & l

B.

nc -e host 8443 /bin/bash

C.

nc -vlp 8443 /bin/bash

D.

nc -vp 8443 /bin/bash

Question # 80

During an engagement, a penetration tester found the following list of strings inside a file:

Which of the following is the BEST technique to determine the known plaintext of the strings?

A.

Dictionary attack

B.

Rainbow table attack

C.

Brute-force attack

D.

Credential-stuffing attack

Go to page: